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DETAILED ACTION 
Response to Amendment 
Applicant's arguments/ amendments with respect to amended claim 1 filed 6/10/2005 
have been fully considered but they are not persuasive. Newly present claims 2-20 are rejected 
under new grounds. The Examiner would like to point out that this action is made final (See 
MPEP 706.07a). 

Response to Arguments 
Applicant contends that Fieres et al. do not disclose or suggest "checking the identity and 
authentication of an application for valid use within a domain." Examiner respectfully disagrees. 
Fieres et al. teach that a certificate, including an application identity, is issued and later used in 
order to authenticate the application by checking its identification information to determine 
whether or not it can access the cryptographic functions, i.e. allow valid use, within the domain 
(col. 6, lines 26-38). 

Due to the reasons stated above, the Examiner maintains rejections with respect to 
amended claim 1 . Fieres et al. teach the limitations that the Applicant suggests distinguish from 
the prior art. Therefore, it is the Examiner's conclusion that amended claim 1 is not patentably 
distinct or non-obvious over the prior art of record as presented. 

Claim Rejections - 35 USC §102 
I. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 
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(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the invention 
thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre- AIPA 
35 U.S.C. 102(e)). 

II. Claim 1 is rejected under 35 U.S.C. 102(e) as being fully anticipated by Fieres et al., US 
Patent No. 6,178,504. 
As per claim 1 : 

Fieres et al. teach authenticating the information using a digital signature (col. 8, lines 49- 
55) where it is inherent that a key is necessary and present to validate the signature, hashing sum 
of the application code image (col. 8, line 51), a certificate contains identifying attributes of the 
application which are used to accurately identify an application (col. 8, lines 49-55) and a 
signature validation process can be applied to the applet to verify that the applet has been singed 
by a trusted entity (col. 10, lines 32-34) where the applet is allowed to run after integrity checks 
are confirmed (col. 10, lines 34-35), the architecture provides the concepts of a class of service 
where COS identifiers label the resource (col. 10, lines 45-49), acquire access to resources 
according to the application assigned capabilities and execute application methods in a secure 
location (col. 10, lines 51-59); they are signed by the ICF domain authority and the COS 
identifiers are evaluated before access to the method is granted (col. 11, lines 13-16), requested 



Application/Control Number: 09/858,326 Page 4 

Art Unit: 2133 

attributes are compared to a set of privilege attributes (col. 12, lines 23-25) where if the result is 
positive the caller is allowed to go ahead (col. 12, lines 25-26), and it is inherent that if the result 
is negative then services are denied. Furthermore, Fieres et al. teach checking the application 
authentication file for one or more application identification and authorization objects (col. 6, 
lines 26-38). 

Claim Rejections - 35 USC § 103 

III. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

IV. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Fieres et al., US 
Patent No. 6,178,504 as applied to claim 1 above. 

As per claim 2: 

Fieres et al. substantially teach the process of claim 1. Not explicitly disclosed is wherein 
the application identification and authentication objects are stored as a part of an application 
configuration map. However, Fieres et al. teach an application resource map which assign 
certain capabilities to each application. Therefore, it would have been obvious to a person in the 
art at the time the invention was made to modify the method disclosed in Fieres et al. to have an 
application configuration map which identifies the application as well as the authentication 
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the art, at the time the invention was made, would have been motivated to do so since it is 
suggested by Fieres et al. in col. 10, lines 45-55. 

V. Claims 3-6, 9-10, and 13-20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Fieres et al., US Patent No. 6,178,504 as applied to claim 1 above, and further in view of 
Thomlinson et al., US Patent No. 6,044, 155. 
As per claim 3: 

Fieres et al. substantially teach the process of claim 2. Not explicitly disclosed is wherein 
the user is associated with a user identification and authentication configuration map. However, 
Thomlinson et al. teach a storage server which is used in order to identify and authenticate users 
by using passwords. Therefore, it would have been obvious to a person in the art at the time the 
invention was made to modify the method disclosed in Fieres et al. to have an authentication 
configuration map which identifies the user and provides a means of authentication. This 
modification would have been obvious because a person having ordinary skill in the art, at the 
time the invention was made, would have been motivated to do so since it is suggested by 
Thomlinson et al. in col. 8, lines 1-9. 
As per claim 4: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 3. 
Furthermore, Thomlinson et al. teach that the authentication map includes a user ED and 
password (col. 8, lines 5-9). 
As per claim 5: 
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Fieres et al. and Thomlinson et al. substantially teach the process of claim 3. 
Furthermore, Thomlinson et al. teach that the authentication map includes a member profile (col. 
9, lines 59-65). 
As per claim 6: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 5. Not 
explicitly disclosed is wherein the member profile is stored on a token. However, Thomlinson et 
al. teach that a token can be used for stronger authentication. Therefore, it would have been 
obvious to a person in the art at the time the invention was made to modify the method disclosed 
in Fieres et al. for the member profile to be stored on a token. This modification would have 
been obvious because a person having ordinary skill in the art, at the time the invention was 
made, would have been motivated to do so since it is suggested by Thomlinson et al. in col. 10, 
lines 33-35. 
As per claim 9: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 3. 
Furthermore, Thomlinson et al. teach that the user identification and authentication map includes 
a password (col. 8, lines 5-9) and a member profile (col. 9, lines 59-65), 
As per claim 10: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 9. Not 
explicitly disclosed is wherein the member profile is stored on a token. However, Thomlinson et 
al. teach that a token can be used for stronger authentication. Therefore, it would have been 
obvious to a person in the art at the time the invention was made to modify the method disclosed 
in Fieres et al. for the member profile to be stored on a token. This modification would have 
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been obvious because a person having ordinary skill in the art, at the time the invention was 
made, would have been motivated to do so since it is suggested by Thomlinson et al. in col. 10, 
lines 33-35. 
As per claim 13: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 3. 
Furthermore. Thomlinson et al. teach comparing the user identification and authentication 
configuration map with the application identification and authentication objects (col. 9. line 59 - 
col. 10, line 4). 
As per claim 14: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 13. 
Furthermore, Thomlinson et al. teach providing application services to the user if the result of the 
user identification and authentication comparison is favorable; and denying application services 
to the user if the result of the user identification and authentication comparison is not favorable 
(col. 9, line 59 - col. 10, line 43). 
As per claim 15: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 14. Not 
explicitly disclosed is wherein the application identification and authorization objects include 
specification of one or more devices. However, Thomlinson et al. teach that in certain instances, 
the password depends on a previous computer or network operating system logon procedure. 
Therefore, it would have been obvious to a person in the art at the time the invention was made 
to modify the method disclosed in Fieres et al. for the application identification and authorization 
objects include specification of one or more devices. This modification would have been 
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obvious because a person having ordinary skill in the art, at the time the invention was made, 
would have been motivated to do so since it is suggested by Thomlinson et al. in col. 10, lines 
58-64. 

As per claim 16: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 15. 
Furthermore, Fieres et al. teach the domain identification and authentication objects include 
specification of one or more devices (col. 5, lines 59-67) and comparing the decoded application 
identification and authentication objects to the domain identification and authentication objects 
includes comparing the specification of devices (col 6, lines 60-62). 
As per claim 17: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 16. Not 
explicitly disclosed is wherein the user identification and authentication configuration map 
includes specification of one or more devices. However, Thomlinson et al. teach that in certain 
instances, the password depends on a previous computer or network operating system logon 
procedure. Therefore, it would have been obvious to a person in the art at the time the invention 
was made to modify the method disclosed in Fieres et al. for the user identification and 
authentication configuration map includes specification of one or more devices. This 
modification would have been obvious because a person having ordinary skill in the art, at the 
time the invention was made, would have been motivated to do so since it is suggested by 
Thomlinson et al. in col. 10, lines 58-64. 
As per claim 18: 
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Fieres et al. and Thomlinson et al. substantially teach the process of claim 17. 
Furthermore, Fieres et al. teach wherein comparing the user identification and authentication 
configuration map with the application identification and authentication objects includes 
comparing the specification of devices (col. 6, lines 49-67). 
As per claim 19: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 15. Not 
explicitly disclosed is wherein the user identification and authentication configuration map 
includes specification of one or more devices. However, Thomlinson et al. teach that in certain 
instances, the password depends on a previous computer or network operating system logon 
procedure. Therefore, it would have been obvious to a person in the art at the time the invention 
was made to modify the method disclosed in Fieres et al. for the user identification and 
authentication configuration map includes specification of one or more devices. This 
modification would have been obvious because a person having ordinary skill in the art, at the 
time the invention was made, would have been motivated to do so since it is suggested by 
Thomlinson et al. in col. 10, lines 58-64. 
As per claim 20: 

Fieres et al. and Thomlinson et al. substantially teach the process of claim 19. 
Furthermore, Fieres et al. teach wherein comparing the user identification and authentication 
configuration map with the application identification and authentication objects includes 
comparing the specification of devices (col. 6, lines 49-67). 
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VI. Claims 7-8 and 1 1-12 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Fieres et al., US Patent No. 6,178,504 and Thomlinson et al., US Patent No. 6,044,155 as applied 
to claims 5, 7, 9, and 1 1 above, and further in view of Subbiah et al, US Patent No. 6,035,403. 
As per claims 7 and 1 1 : 

Fieres et al. and Thomlinson et al. substantially teach the process of claims 5 and 9. 
Furthermore, Thomlinson et al. teach that biometrics may also be used for authentication 
purposes (col. 10, lines 33-35). Not explicitly disclosed is wherein the member profile includes a 
digitized fingerprint template. However, Subbiah et al. teach using fingerprints in a software 
distribution environment to allow for stronger authentication. Therefore, it would have been 
obvious to a person in the art at the time the invention was made to modify the method disclosed 
in Fieres et al. for the member profile to include a digitized fingerprint template. This 
modification would have been obvious because a person having ordinary skill in the art, at the 
time the invention was made, would have been motivated to do so since it is suggested by 
Subbiah et al. in col. 5, lines 8-44. 
As per claims 8 and 12: 

Fieres et al., Thomlinson et al., and Subbiah et al. substantially teach the process of 
claims 7 and 11. Furthermore, Thomlinson et al. teach that biometrics may also be used for 
authentication purposes (col. 10, lines 33-35). Not explicitly disclosed is wherein the member 
profile includes a digitized fingerprint sample. However, Subbiah et al. teach using fingerprints 
in a software distribution environment where a fingerprint sample is needed in order to allow for 
stronger authentication. Therefore, it would have been obvious to a person in the art at the time 
the invention was made to modify the method disclosed in Fieres et al. for the member profile to 
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include a digitized fingerprint sample. This modification would have been obvious because a 
person having ordinary skill in the art, at the time the invention was made, would have been 
motivated to do so since it is suggested by Subbiah et al, in col. 5, lines 8-44. 



Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1. 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1. 136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Nadia Khoshnoodi whose telephone number is (571) 272-3825. 
The examiner can normally be reached on M-F: 8:00-4:30. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 




Nadia Khoshnoodi 
Examiner 
Art Unit 2137 
10/11/2005 
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